Incident Management
Record and manage security incidents, track severity levels, meet Australian NDB 72-hour reporting deadlines, and follow structured response workflows.
Overview
Information security incidents — from phishing attacks and data breaches to system compromises and policy violations — must be detected, reported, and responded to in a structured manner. The Incident Management module in Standardise provides a centralised system for recording incidents, tracking their severity and status, and ensuring that Australian organisations meet their legal reporting obligations under the Notifiable Data Breaches (NDB) scheme.
Creating an Incident
When a security event is identified, click Create Incident and record:
- Title — A brief summary of the incident (e.g. “Unauthorised access to customer database”).
- Description — A detailed account of what happened, how it was detected, and its potential impact.
- Severity — Classified as low, medium, high, or critical based on the impact and scope of the incident.
- NDB flag — Whether the incident constitutes an eligible data breach under the Australian NDB scheme, which triggers the 72-hour reporting deadline.
- Assignee — The team member responsible for leading the incident response.
Incident Workflow
Incidents follow a structured lifecycle:
- Open — The incident has been reported and is awaiting triage.
- Investigating — The incident is being analysed to determine scope, root cause, and impact.
- Contained — Immediate actions have been taken to limit the damage and prevent further impact.
- Resolved — The root cause has been addressed and normal operations restored.
- Closed — Post-incident review is complete and lessons learned have been documented.
NDB 72-Hour Deadline Tracking
Under the Australian Privacy Act 1988 (Part IIIC), organisations must notify the OAIC (Office of the Australian Information Commissioner) and affected individuals within 72 hours of becoming aware of an eligible data breach. Standardise provides visual countdown badges to help you track this deadline:
- Green — More than 24 hours remaining.
- Yellow — Between 12 and 24 hours remaining.
- Red — Less than 12 hours remaining.
- Pulsing red — The deadline has passed and the notification is overdue. An alert banner is displayed prominently on the incident page.
This visual system ensures that NDB-reportable incidents are never overlooked, helping your organisation avoid penalties for late notification.
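The badge thresholds above can also be applied outside the product, for example to a CSV of incidents. The following Python is an added example, not Standardise's own code or export schema: the column names, the sample rows, and the handling of the exact 0, 12 and 24 hour boundaries are assumptions.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

NDB_WINDOW = timedelta(hours=72)  # deadline stated on this page

# Constructed sample rows; column names are assumptions, not Standardise's export schema.
SAMPLE_CSV = """id,title,severity,ndb_flag,aware_at
INC-1,Unauthorised access to customer database,critical,true,2024-03-01T09:00:00+11:00
INC-2,Phishing email reported,low,false,2024-03-03T08:00:00+11:00
INC-3,Lost laptop with client files,high,true,2024-03-03T20:30:00+11:00
INC-4,Misdirected payroll export,medium,true,2024-03-01T20:00:00+00:00
INC-5,Exposed storage bucket,high,true,2024-03-01T10:00:00+00:00
"""

def badge(aware_at: datetime, now: datetime) -> str:
    """Map time remaining to the badge colours listed above."""
    if aware_at.tzinfo is None or now.tzinfo is None:
        # Naive timestamps make the deadline ambiguous across time zones.
        raise ValueError("timestamps must carry a UTC offset")
    remaining = aware_at + NDB_WINDOW - now
    if remaining <= timedelta(0):          # assumption: exactly zero counts as overdue
        return "pulsing-red"
    if remaining < timedelta(hours=12):
        return "red"
    if remaining <= timedelta(hours=24):   # assumption: 12 and 24 hours are both yellow
        return "yellow"
    return "green"

def ndb_queue(csv_text: str, now: datetime) -> list[tuple[str, str, timedelta]]:
    """Return (id, badge, time remaining) for NDB-flagged rows, most urgent first."""
    rows = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["ndb_flag"].strip().lower() != "true":
            continue  # only NDB-flagged incidents carry the deadline
        aware_at = datetime.fromisoformat(row["aware_at"])
        rows.append((row["id"], badge(aware_at, now), aware_at + NDB_WINDOW - now))
    return sorted(rows, key=lambda r: r[2])

if __name__ == "__main__":
    now = datetime(2024, 3, 4, 2, 0, tzinfo=timezone.utc)  # constructed "current" time
    for inc_id, colour, remaining in ndb_queue(SAMPLE_CSV, now):
        print(f"{inc_id}  {colour:<12} {remaining}")
```

Comparing timezone-aware timestamps keeps the countdown correct when the awareness time and the reviewer's clock are recorded in different offsets.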
Statistics and Export
The incident dashboard displays summary statistics including total incidents, open incidents, and incidents by severity. All incident data can be exported to CSV for management reporting, trend analysis, or regulatory submissions.
ISO 27001 Mapping
Incident management addresses Clause 10.1 (Continual Improvement), which requires organisations to react to nonconformities and take action to control and correct them. Additionally, Annex A controls A.5.24 (Information Security Incident Management Planning), A.5.25 (Assessment and Decision on Information Security Events), A.5.26 (Response to Information Security Incidents), A.5.27 (Learning from Information Security Incidents), and A.5.28 (Collection of Evidence) collectively require a comprehensive incident management capability.